Subnet Router Anycast Addresses – what are they, how do they work?

Discussions on several mailing lists have shown that there is still a lot of misunderstanding”out there” about what subnet router anycast addresses are, and how they work. This article aims to help out, because the concept is actually pretty simple.

The subnet router anycast address is just an address that IPv6 defines as being, at all times, that of a router on the subnet. Not all routers on the subnet, and not any particular router on the subnet, but definitely one of them, if one exists. From RFC 4291 section 2.6.1:

Packets sent to the Subnet-Router anycast address will be delivered to one router on the subnet. All routers are required to support the Subnet-Router anycast addresses for the subnets to which they have interfaces.

The Subnet-Router anycast address is intended to be used for applications where a node needs to communicate with any one of the set of routers.

The subnet router anycast address is the lowest address in the subnet, so it looks like the “network address”. For example, if the prefix for the subnet is 2001:db8:0:100::/64 then the subnet router anycast address for that subnet is 2001:db8:0:100::. Subnet router anycast addresses are not limited to /64 subnets – any sized subnet has a subnet router anycast address (except /127 subnets, which are special. See RFC 6164).

If a router has multiple subnets on the same link, then it has multiple subnet router anycast addresses on that link.

It works like this: Router interfaces configure themselves[1] with the zero address in each of their connected subnets[2]. All routers in the subnet respond to Neighbor Solicitation probes received for their subnet router anycast addresses, but they wait a small random amount of time before doing so. Neighbor Advertisements for anycast addresses don’t have the override flag set, so hosts shouldn’t flip between different routers unnecessarily when using the subnet router anycast address. If the subnet router anycast address it is using becomes unreachable for a host, the host just does another Neighbor Solicitation and should get a response from another router.

My personal testing indicates that subnet router anycast addresses are configured automatically by MikroTik routers, Cisco routers and Linux (when forwarding packets). It’s reasonable to assume that any Linux-derived operating system probably does so too, and anecdotal evidence suggests that OpenBSD and Juniper equipment also implement them. Interestingly, none of these operating systems seem to do anything useful with the subnet router anycast addresses – they don’t, for example, listen on those addresses for ssh connections, but they do respond to pings.

So there don’t seem to be many applications actually using subnet router anycast addresses. If you know of any, please comment!

[1] DAD is not performed for anycast addresses, for obvious reasons!

[2] Except for subnets with a /127 prefix, provided they support RFC 6164.